//package com.example.demo;
//
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
///**
// * 基于安全认证的spring boot admin
// *
// */
//@Configuration
//@EnableWebSecurity
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        // Page with login form is served as /login.html and does a POST on /login
//        http.formLogin().loginPage("/login.html").loginProcessingUrl("/login").permitAll();
//        // The UI does a POST on /logout on logout
//        http.logout().logoutUrl("/logout");
//        // The ui currently doesn't support csrf
//        http.csrf().disable();
//
//        // Requests for the login page and the static assets are allowed
//        //允许登录页面和静态资源的请求
//        http.authorizeRequests()
//                .antMatchers("/login.html", "/**/*.css", "/img/**", "/third-party/**")
//                .permitAll();
//        // ... and any other request needs to be authorized
//        //这点重要：所有请求都需要认证
//        http.authorizeRequests().antMatchers("/**").authenticated();
//
//        // Enable so that the clients can authenticate via HTTP basic for registering
//        http.httpBasic();
//    }
//}